query_diet 0.6.2 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/README.md +19 -0
- data/lib/query_diet/version.rb +1 -1
- data/lib/query_diet/widget.rb +19 -4
- metadata +3 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: 17f9c2961a95f7d7c70c35ae50bc6f0e659bc3c746ddf519c65448cc9faefa98
|
|
4
|
+
data.tar.gz: 7f76be36042170e1e8d5aff0b066d552f9fff66f2ea5d31bffee3924e5e21368
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 17e90e9a4ec095f1c333f719226ec938d8f058526bdf14c2d731842cf1322057d3d14f35b279e0dd62b86600366b4318e8206852e104a71a25a0bc9dc323f309
|
|
7
|
+
data.tar.gz: 2c7d0bac77d92987974d9229535bff8b438e520c2b00ae71ef37206eef6d2d114ffa07515e5b67af5b78a08a103738fd588ae5c64f8f80dc00f373950dd1e583
|
data/README.md
CHANGED
|
@@ -45,6 +45,25 @@ To change the default, simply pass them to the `query_diet_widget` helper:
|
|
|
45
45
|
<%= query_diet_widget(:bad_count => 4, :bad_time => 2000) %>
|
|
46
46
|
```
|
|
47
47
|
|
|
48
|
+
### Content Security Policy
|
|
49
|
+
|
|
50
|
+
You can pass whether to use a nonce for style and script tags.
|
|
51
|
+
Note that the key must be a symbol like in the example below, otherwise it defaults to `false`.
|
|
52
|
+
|
|
53
|
+
```Erb
|
|
54
|
+
<%= query_diet_widget(:nonce => true) if Rails.env.development? %>
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
In your content security policy initializer of the project you should set the nonce to those directives:
|
|
58
|
+
```Erb
|
|
59
|
+
Rails.application.config.content_security_policy_nonce_directives = %w[script-src style-src]
|
|
60
|
+
```
|
|
61
|
+
|
|
62
|
+
When you do not want to use a nonce, but use a style tag, for example, you could use `unsafe_inline`:
|
|
63
|
+
```Erb
|
|
64
|
+
Rails.application.config.content_security_policy do |policy|
|
|
65
|
+
policy.style_src :self, :unsafe_inline
|
|
66
|
+
```
|
|
48
67
|
|
|
49
68
|
### Rails compatibility
|
|
50
69
|
|
data/lib/query_diet/version.rb
CHANGED
data/lib/query_diet/widget.rb
CHANGED
|
@@ -2,9 +2,9 @@ module QueryDiet
|
|
|
2
2
|
module Widget
|
|
3
3
|
class << self
|
|
4
4
|
|
|
5
|
-
def css
|
|
5
|
+
def css(nonce_attribute)
|
|
6
6
|
<<-EOF
|
|
7
|
-
<style type="text/css"><!--
|
|
7
|
+
<style type="text/css"#{nonce_attribute}><!--
|
|
8
8
|
div#query_diet {
|
|
9
9
|
position: absolute;
|
|
10
10
|
top: 0;
|
|
@@ -31,9 +31,19 @@ module QueryDiet
|
|
|
31
31
|
EOF
|
|
32
32
|
end
|
|
33
33
|
|
|
34
|
+
def js(nonce_attribute)
|
|
35
|
+
<<-EOF
|
|
36
|
+
<script type="text/javascript"#{nonce_attribute}>
|
|
37
|
+
document.getElementById("query_diet").addEventListener("click", function() {
|
|
38
|
+
this.parentNode.removeChild(this);
|
|
39
|
+
});
|
|
40
|
+
</script>
|
|
41
|
+
EOF
|
|
42
|
+
end
|
|
43
|
+
|
|
34
44
|
def html(options)
|
|
35
45
|
<<-EOF
|
|
36
|
-
<div id="query_diet" class="#{QueryDiet::Logger.bad?(options) ? 'bad' : 'good' }"
|
|
46
|
+
<div id="query_diet" class="#{QueryDiet::Logger.bad?(options) ? 'bad' : 'good' }">
|
|
37
47
|
#{QueryDiet::Logger.count} / #{QueryDiet::Logger.time}ms
|
|
38
48
|
</div>
|
|
39
49
|
EOF
|
|
@@ -43,7 +53,12 @@ module QueryDiet
|
|
|
43
53
|
|
|
44
54
|
module Helper
|
|
45
55
|
def query_diet_widget(options = {})
|
|
46
|
-
|
|
56
|
+
default_html_options = {:nonce => false}
|
|
57
|
+
options = options.reverse_merge(default_html_options)
|
|
58
|
+
|
|
59
|
+
nonce_attribute = options.fetch(:nonce) ? " nonce=\"#{content_security_policy_nonce}\"" : ''
|
|
60
|
+
|
|
61
|
+
html = Widget.css(nonce_attribute) + Widget.html(options) + Widget.js(nonce_attribute)
|
|
47
62
|
html.respond_to?(:html_safe) ? html.html_safe : html
|
|
48
63
|
end
|
|
49
64
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: query_diet
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.7.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Henning Koch
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date:
|
|
12
|
+
date: 2020-09-24 00:00:00.000000000 Z
|
|
13
13
|
dependencies: []
|
|
14
14
|
description: Rails database query counter that stays out of your way
|
|
15
15
|
email: github@makandra.de
|
|
@@ -44,8 +44,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
44
44
|
- !ruby/object:Gem::Version
|
|
45
45
|
version: '0'
|
|
46
46
|
requirements: []
|
|
47
|
-
|
|
48
|
-
rubygems_version: 2.4.5.1
|
|
47
|
+
rubygems_version: 3.1.3
|
|
49
48
|
signing_key:
|
|
50
49
|
specification_version: 4
|
|
51
50
|
summary: Rails database query counter that stays out of your way
|